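<?php
// Reloan (returning customer) submission handler: entry guard.
// Starts the session, loads the site constants and refuses to continue unless
// the session belongs to a logged-in user coming from the same address that
// was recorded in the session.
session_start();

// Fail closed: without constants.php the mail addresses and DB credentials are
// undefined, so stop here instead of carrying on with a warning as include does.
require "constants.php";
$inmail = INEMAIL;
$NEWPROCESS = NEWPROCESS;

$newip = $_SERVER['REMOTE_ADDR'];

// A missing Username or IP entry is treated the same as a mismatch; isset()
// keeps an incomplete session from raising undefined-index notices.
// NOTE(review): REMOTE_ADDR is the proxy's address when the site sits behind
// one, so this binding is only as precise as the deployment allows.
if (empty($_SESSION['Username'])
    || !isset($_SESSION['IP'])
    || (string) $_SESSION['IP'] !== (string) $newip
) {
    echo "If you are returning customer, please start your ". "<a href='member.php'>application here</a> now, thank you for your cooperation!";
    exit();
}

// Visit counter carried in the session; read only after the guard has passed.
$vno = isset($_SESSION['novisits']) ? $_SESSION['novisits'] : '';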


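// Open the database connection used by the mysql_* calls in this script.
$link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);

if (!$link) {
    // Driver error text can reveal host and account names: keep it in the
    // server log and show the visitor a generic message only.
    error_log('Could not connect: ' . mysql_error());
    die('Could not connect.');
}
if (!mysql_select_db(DB_NAME, $link)) {
    // Every later query depends on the selected database, so stop instead of
    // continuing with queries that can only fail.
    error_log('Could not select database: ' . mysql_error($link));
    die('Could not connect.');
}

//To get office hours
$sql = "SELECT * FROM HOURS";
$result = mysql_query($sql, $link);
// mysql_query() returns false on failure and mysql_fetch_array() returns false
// when there is no row; in both cases the hours fall back to empty strings.
$row = $result ? mysql_fetch_array($result) : false;
$START = (is_array($row) && isset($row['START'])) ? $row['START'] : '';
$CLOSE = (is_array($row) && isset($row['CLOSE'])) ? $row['CLOSE'] : '';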


//email validation function
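/**
 * Tell whether $field is a syntactically valid e-mail address.
 *
 * The value is validated exactly as received. Sanitizing first and then
 * validating the cleaned copy would approve input that still carries stray
 * characters (spaces, CR/LF, colons), while callers go on to use the original,
 * unsanitized value as a mail recipient.
 *
 * @param mixed $field Candidate address; anything that is not a string is rejected.
 * @return bool TRUE when $field passes FILTER_VALIDATE_EMAIL unchanged, FALSE otherwise.
 */
function spamcheck($field)
  {
  if (!is_string($field))
    {
    return FALSE;
    }

  // filter_var() returns the address on success and false on failure.
  return filter_var($field, FILTER_VALIDATE_EMAIL) !== false;
  }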
//email spam check function

// Confirmation e-mails: an acknowledgement to the applicant and a record copy
// to the processing inbox. $_SESSION['Username'] holds the applicant's e-mail
// address.
if (isset($_SESSION['Username'])) {
    // Nothing is sent when the stored address does not pass spamcheck().
    $mailcheck = spamcheck($_SESSION['Username']);
    if ($mailcheck == FALSE) {
        echo "Invalid email address, please re-apply by using new email address";
        exit();
    }

    // Both messages use the same sender headers. They are built only from the
    // configured office address; the session values go into the body alone.
    $froms = "From:" . $inmail;
    $headers = $froms . "\r\n"
        . "Reply-To:" . $inmail . "\r\n"
        . "Return-Path: " . $inmail . "\r\n";

    // 1) Acknowledgement to the applicant, including the office hours.
    $email = $_SESSION['Username'];
    $subject = "Reloan Application Received";
    $message = wordwrap(
        "Dear " . $_SESSION['firstname'] . " " . $_SESSION['lastname']
        . ",\n\n Our Office hours: Monday to Friday(except weekends and holidays) " . $START . " ~ " . $CLOSE
        . "\n\n Our office will be closed on weekend and national holidays since there is no interbank transaction over the weekend and national holidays.If you submit your application on Saturday, Sunday or National Holidays, we will process your application the next business day. \n\n Thanks for your cooperation! \n\n Thank you for your coming back, your application for a payday loan via www.cash2u.ca has been submitted successfully. We will do our best to quickly complete the processing and keep you informed about the result, which we will send by email and we may also tell you by phone.\n\nThank you for choosing www.cash2u.ca!\n\nCash2u.ca appreciates your business!\n\n",
        70
    );
    mail($email, $subject, $message, $headers);

    // 2) Record copy for the staff who process returning-customer applications.
    $email = $NEWPROCESS;
    $subject = "Reloan Application";
    $message = wordwrap(
        "This is returning customer: First name=" . $_SESSION['firstname'] . " and last name=" . $_SESSION['lastname']
        . ",email address is " . $_SESSION['Username']
        . "\n\nIf no record stored in our system, please check this customer by email address and decide the approval or not",
        70
    );
    mail($email, $subject, $message, $headers);
}

/**
 * Read one field of the submitted reloan form.
 *
 * A field that is missing, or empty after trimming, yields $fallback. Any other
 * value is returned with HTML tags and backslashes stripped; it is NOT trimmed.
 *
 * NOTE(review): strip_tags() and stripslashes() only tidy the input. They do
 * not make a value safe to place inside an SQL statement or an HTML page.
 *
 * @param string $key      Name of the POST field.
 * @param string $fallback Value to use when the field is absent or blank.
 * @return string
 */
function reloan_post_value($key, $fallback)
{
    if (!isset($_POST[$key]) || strlen(trim($_POST[$key])) == 0) {
        return $fallback;
    }

    return stripslashes(strip_tags($_POST[$key]));
}

// Profile reference and online-banking details.
$PROFILESIDN = reloan_post_value('PROFILESIDN', '');
$ebankname = reloan_post_value('ebankname', '');
$otherbank = reloan_post_value('otherbank', '');
$edebitnumber = reloan_post_value('edebitnumber', '');
$edpwd = reloan_post_value('edpwd', '');

// Security questions and answers. These ten fields are additionally passed
// through addslashes(); the remaining fields are not.
// NOTE(review): addslashes() is not aware of the connection character set, so
// it is not a substitute for the driver's own escaping.
$esq1 = addslashes(reloan_post_value('esq1', ''));
$eas1 = addslashes(reloan_post_value('eas1', ''));
$esq2 = addslashes(reloan_post_value('esq2', ''));
$eas2 = addslashes(reloan_post_value('eas2', ''));
$esq3 = addslashes(reloan_post_value('esq3', ''));
$eas3 = addslashes(reloan_post_value('eas3', ''));
$esq4 = addslashes(reloan_post_value('esq4', ''));
$eas4 = addslashes(reloan_post_value('eas4', ''));
$esq5 = addslashes(reloan_post_value('esq5', ''));
$eas5 = addslashes(reloan_post_value('eas5', ''));

// Loan terms and bank account numbers; the numeric fields default to '0'.
$eloan = reloan_post_value('eloan', '0');
$efirstpayday = reloan_post_value('efirstpayday', '');
$esecondpayday = reloan_post_value('esecondpayday', '');
$eloancost = reloan_post_value('eloancost', '');
$etransitnumber = reloan_post_value('etransitnumber', '0');
$einstitutionnumber = reloan_post_value('einstitutionnumber', '0');
$echeckingnumber = reloan_post_value('echeckingnumber', '0');

// Agreement flag is 'NO' unless the form says otherwise.
$esignoff = reloan_post_value('esignoff', 'NO');

$eSIN = reloan_post_value('eSIN', '');

// The bank list has a "NonBank" entry; in that case the free-text field holds the name.
$bankingname = ($ebankname == "NonBank") ? $otherbank : $ebankname;

$ProfilesID = $PROFILESIDN;
///////////////////////////////
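/**
 * Return one column of a fetched row, or '' when the row or column is missing.
 *
 * @param mixed  $row    Result of mysql_fetch_array(); false when there was no row.
 * @param string $column Column name.
 * @return mixed
 */
function reloan_row_value($row, $column)
{
    return (is_array($row) && isset($row[$column])) ? $row[$column] : '';
}

// Load the most recent application stored for this profile so its employment
// and pay details can be carried over into the new application.
// NOTE(review): $ProfilesID comes from the POST body (PROFILESIDN). Nothing in
// this script ties it to the logged-in session, so confirm that ownership of
// the profile is enforced somewhere, or derive the id from the session.
// The id is escaped for the current connection before it is placed in any query.
$ProfilesIDSql = mysql_real_escape_string((string) $ProfilesID);

$sqlbanking = "SELECT * FROM Applications WHERE ProfileID= '$ProfilesIDSql' ORDER BY AccountID DESC LIMIT 1";
$sqlbankingresult = mysql_query($sqlbanking);
// A failed query or an empty result leaves every carried-over field empty.
$rowbanking = $sqlbankingresult ? mysql_fetch_array($sqlbankingresult) : false;
$Employer = reloan_row_value($rowbanking, 'Employer');
$EAddress = reloan_row_value($rowbanking, 'EAddress');
$ECity = reloan_row_value($rowbanking, 'ECity');
$EProvince = reloan_row_value($rowbanking, 'EProvince');
$EPhone = reloan_row_value($rowbanking, 'EPhone');
$EPost = reloan_row_value($rowbanking, 'EPost');
$DateHired = reloan_row_value($rowbanking, 'DateHired');
$JobStatus = reloan_row_value($rowbanking, 'JobStatus');
$Occupation = reloan_row_value($rowbanking, 'Occupation');
$PayType = reloan_row_value($rowbanking, 'PayType');
$PayFrequency = reloan_row_value($rowbanking, 'PayFrequency');
$OtherIncome = reloan_row_value($rowbanking, 'OtherIncome');
$MonthlyIncome = reloan_row_value($rowbanking, 'MonthlyIncome');
$PayBy = reloan_row_value($rowbanking, 'PayBy');
$TransitID = reloan_row_value($rowbanking, 'TransitID');
$InstitutionID = reloan_row_value($rowbanking, 'InstitutionID');
$CheckID = reloan_row_value($rowbanking, 'CheckID');

//To get loan rate
$sql = "SELECT * FROM Profiles WHERE ProfileID= '$ProfilesIDSql'";
$sqlresult = mysql_query($sql);
$rows = $sqlresult ? mysql_fetch_array($sqlresult) : false;
$SSProvince = reloan_row_value($rows, 'Province');

// The province was read back from the database, but it is still data: escape
// it before it goes into the next statement.
$SSProvinceSql = mysql_real_escape_string((string) $SSProvince);
$sqlPROV = "SELECT Rates FROM `ProvinceRates` WHERE Province = '$SSProvinceSql'";
$PRate = mysql_query($sqlPROV);
$Prow = $PRate ? mysql_fetch_array($PRate) : false;
$SSPRate = reloan_row_value($Prow, 'Rates');

//Pull out coupon information
$sql = "SELECT Rate FROM `Promotion` WHERE PID= '1'";
$sqlcoupre = mysql_query($sql);
$rowcoup = $sqlcoupre ? mysql_fetch_array($sqlcoupre) : false;
$temp = reloan_row_value($rowcoup, 'Rate');
// Two-decimal rendering of the promotion rate.
$coup = sprintf("%1\$.2f", $temp);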
////////////////////////////////////

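// Store the new application, update the SIN on the profile, then schedule the
// redirect and end the session.
$SINChange = isset($_POST['eSIN']) ? $_POST['eSIN'] : '';
$PID = $PROFILESIDN;

// Column => value pairs for the new Applications row, in the order the INSERT
// has always listed them. Every value is escaped for the current connection
// when the statement is assembled below, whether it came from the form, the
// session or an earlier query.
// NOTE(review): DebitPWD and the security answers (AS1..AS5) are stored exactly
// as submitted. Confirm whether they need to be kept at all and, if so, how
// they are protected at rest.
// NOTE(review): ProfileID comes from the POST body; nothing visible in this
// script ties it to the logged-in session.
$applicationRow = array(
    'ProfileID' => $ProfilesID,
    'BankName' => $bankingname,
    'DebitID' => $edebitnumber,
    'DebitPWD' => $edpwd,
    // The question/answer fields were passed through addslashes() when they
    // were read from the form; stripslashes() undoes that so each value is
    // escaped exactly once, by mysql_real_escape_string().
    'SQ1' => stripslashes($esq1),
    'AS1' => stripslashes($eas1),
    'SQ2' => stripslashes($esq2),
    'AS2' => stripslashes($eas2),
    'SQ3' => stripslashes($esq3),
    'AS3' => stripslashes($eas3),
    'SQ4' => stripslashes($esq4),
    'AS4' => stripslashes($eas4),
    'SQ5' => stripslashes($esq5),
    'AS5' => stripslashes($eas5),
    'BAmount' => $eloan,
    'Employer' => $Employer,
    'EAddress' => $EAddress,
    'ECity' => $ECity,
    'EProvince' => $EProvince,
    'EPhone' => $EPhone,
    'EPost' => $EPost,
    'DateHired' => $DateHired,
    'JobStatus' => $JobStatus,
    'Occupation' => $Occupation,
    'PayType' => $PayType,
    'PayFrequency' => $PayFrequency,
    'FirstPayDay' => $efirstpayday,
    'SecondPayDay' => $esecondpayday,
    'OtherIncome' => $OtherIncome,
    'MonthlyIncome' => $MonthlyIncome,
    'PayBy' => $PayBy,
    'TransitID' => $etransitnumber,
    'InstitutionID' => $einstitutionnumber,
    'CheckID' => $echeckingnumber,
    'Agreement' => $esignoff,
    'NumberofVisits' => $vno,
    'COUPON' => $temp,
    'COST_100' => $SSPRate,
    'Costs' => $eloancost,
    'NewApp' => '1',
);

$columnSql = array();
$valueSql = array();
foreach ($applicationRow as $column => $value) {
    $columnSql[] = '`' . $column . '`';
    $valueSql[] = "'" . mysql_real_escape_string((string) $value) . "'";
}
// SignDate is taken from the database clock, so it is added as an SQL
// expression and not as a quoted value.
$columnSql[] = '`SignDate`';
$valueSql[] = 'NOW()';

$sqlinsert2 = "INSERT INTO Applications(" . implode(', ', $columnSql) . ")\nVALUES (" . implode(',', $valueSql) . ")";

$resultin2 = mysql_query($sqlinsert2);
if (!$resultin2) {
    // NOTE(review): the page below still tells the applicant the submission
    // succeeded; the failure is recorded here so that it is at least visible.
    error_log('Reloan application insert failed: ' . mysql_error());
}

// ProfileID is used unquoted in this statement, so it is accepted only when it
// consists of digits; the SIN value is escaped like every other value.
if (ctype_digit((string) $PID)) {
    $sqlinsert3 = "UPDATE Profiles SET SIN='" . mysql_real_escape_string((string) $eSIN) . "' WHERE ProfileID= " . $PID;
    $resultin3 = mysql_query($sqlinsert3);
    if (!$resultin3) {
        error_log('Reloan profile update failed: ' . mysql_error());
    }
} else {
    $sqlinsert3 = '';
    $resultin3 = false;
}

// Must be sent before any output: return to the home page after ten seconds.
header("refresh:10;url=http://www.cash2u.ca");
session_destroy();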
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Cash2u.ca: Payday loan online application processing</title>
<META NAME="Keywords" CONTENT="How it works, payday loans,cash advance, payday loan, pay day loans, payday cash advance, online, unsecured loans, no fax payday loans, payday advance, payday cash loan, payday loans, cash advance, paycheque loans, short term,fast cash, unsecured personal loans, pay day loan, no fax loans, no faxing payday loans, no fax cash advance, faxless payday loans, short term loans, unsecured personal loan, unsecured loan, online loans, quick cash, no fax payday loan, payday cash advance, cash advance, online loan, fast cash loans, signature loan, no fax pay day loans, pay day advance, payday loans no faxing required, payday loan online, no faxing cash advance, payday loans no faxing, canada, money mart, money here, quick cash,check,cashing,easy,tax, bill,payment,currency,card,credit,Easy Cash Advances,Internet Payday loans, Payroll Advance, Payday Loan Services,Online Payday Advances, Online Payday Loan Provider, Pay Day">
<META NAME="Description" CONTENT="Cash2u.ca offers online payday loans and cash advance for Canadians">

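<!-- jQuery is fetched over HTTPS so the script cannot be altered in transit.
     NOTE(review): 1.4.4 is long out of support; plan an upgrade once jquery.maskedinput has been tested against a current release. -->
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.4.4/jquery.min.js"></script>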
<script src="./css/jquery.maskedinput.js" type="text/javascript"></script>
<link rel="stylesheet" type="text/css" href="./css/main_style.css"/>
<link rel="stylesheet" type="text/css" href="./css/index.css"/>
</head>
<body onload="DoMath()">
<div id="maincontainer">

<div id="headsection">
<div id="headback">
<br/><br/><br/><h1><a style="color:white;" href="apply.php">Cash to you</a></h1><p id="headpara"><a style="color:white;" href="apply.php">Simple Easy Fast - Your payday loan</a></p>
</div>
</div>

<table cellspacing="4" cellpadding="1" border="0" style="margin:5px;height:50px;width:740px;background-color:#084c8d;border:1px solid #e5e5e5;color:white;font-size:110%;font-weight:bold;">
<tr><td width="20"></td>
<td width="90" align="center"><a class="headlink" href="index.html">HOME</a></td>
<td width="90" align="center"><a class="headlink" href="apply.php">APPLY</a></td>
<td width="130" align="center"><a class="headlink" href="member.php"><span class="displace">MEMBERS</span></a></td>
<td width="110" align="center"><a class="headlink" href="career.php"><span class="displace">CAREER</span></a></td>
<td width="90" align="center"><a class="headlink" href="faqs.php"><span class="displace">FAQ's</span></a></td>
<td width="90" align="center"><a class="headlink" href="contact.php"><span class="displace">CONTACT</span></a></td>
<td width="140"></td>
</tr>
</table>

<div id="content">

    	<form name="application" method="post" action="">
	<table>	
	<tr>
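	<td width="740" align="left">Dear <?php /* firstname is user-supplied session data: encode it for HTML, using the charset declared in the page head */ echo htmlspecialchars(isset($_SESSION['firstname']) ? (string) $_SESSION['firstname'] : '', ENT_QUOTES, 'ISO-8859-1');?>,</br></br>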

Thank you for your coming back, your application for a payday loan via <a href="www.cash2u.ca"><span style="color:black;">www.cash2u.ca</span></a> has been submitted successfully. We will do our best to quickly complete the processing and keep you informed about the result, which we will send by email and we may also tell you by phone.</br></br>

Thank you for choosing <a href="www.cash2u.ca"><span style="color:black;">www.cash2u.ca!</span></a></br></br>

Cash2u.ca appreciates your business!</br></br>

10 seconds later, this page will be redirected to: <a href="www.cash2u.ca"><span style="color:black;">www.cash2u.ca</span></a>

		</td>
		</tr>

	</table>

	</form>
<div id="footer">
<div id="imlinks"><b><strong>Copyright &#169 2011 Cash2u.ca All rights reserved</strong></b></div>
</div>

</div>

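<?php
// The redirect header and session_destroy() are issued ahead of the DOCTYPE,
// before any output. The disabled copy that was printed here inside an HTML
// comment is dropped so no server-side code appears in the page source.
?>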
</body>
</html>


































































































































